Vulnerability Description
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to access the writable file and manipulate the configuration of any target specific station.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Wyse Thinos | <= 8.6 |
| Dell | Wyse 3040 | - |
| Dell | Wyse 5010 | - |
| Dell | Wyse 5040 | - |
| Dell | Wyse 5060 | - |
| Dell | Wyse 5070 | - |
| Dell | Wyse 5470 | - |
| Dell | Wyse 7010 | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000180768/dsa-2020-281Vendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000180768/dsa-2020-281Vendor Advisory
FAQ
What is CVE-2020-29492?
CVE-2020-29492 is a vulnerability with a CVSS score of 10.0 (CRITICAL). Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to access the writable f...
How severe is CVE-2020-29492?
CVE-2020-29492 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-29492?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Wyse Thinos, Dell Wyse 3040, Dell Wyse 5010, Dell Wyse 5040, Dell Wyse 5060.